Identity and Access Management Monitoring

BOOK A DEMO

100% of Cybersecurity audits conducted by PwC in 2021 show risks related to a lack of security in Active Directory management. 

On average, PwC experts estimate that it takes two and a half years to conduct an Active Directory remediation plan within a large enterprise.

Identity and Access Management Monitoring is a mainstream Microsoft technology used by enterprises to manage user accounts and network access. Its central role makes it a prime target for hackers to gain access to sensitive information and potentially disrupt business operations. Most ransomware attacks rely on the compromise of privileged accounts and spy groups exploit Active Directory configuration flaws to access data or persistently penetrate corporate networks. Our Identity and Access Management Monitoring solution enables you to address these challenges.

LEARN MORE

Benefits of Identity and Access Management Monitoring

Security Monitoring

Continuous monitoring of changes in the security architecture of the Active Directory.

Data collection

Automated collection of your server and workstation configurations.

Compliance review

Review of the level of compliance of your Microsoft security environment with the ANSSI guide.

Overview

Holistic view of the risks in your Microsoft environment.

PwC Expertise

Recognized expertise to help you prioritize the most critical and vulnerable areas of your IS and implement actionable remediation plans.

Identity and Access Management Monitoring differs from the others solutions of the market as it goes beyond in its technical analysis and really allows to solidify AD bases regarding good practices of security and recommended checks by the ANSII. Our tool can allow you to follow the evolution of your AD's remediation and keep pace with the changes that could alter the AD's level of maturity. Therefore, Identity and Access Management Monitoring allows you to keep control at all times of the context of your AD and manage the remediations treating identified vulnerabilities.
Jean-Bernard Rambaud, Partner Cyber Intelligence, PwC France et Maghreb

Pro Subscription

from 40,000€/year

Number of endpoints covered: 1,000
Number of domains covered: 1
Number of iterations (vulnerability assessment & remediation support): 1 / month
Remediation support workshops: 1 / month
Highlighting of AD bad practices (e.g. Privilege, AD Group)
Endpoint analysis (services, processes, scheduled tasks, drivers, AV, local administrators)
Analysis of compliance with the ANSSI guide
Remediation plan
Difference between the different reviews
Detailed report

BOOK A DEMO

Premium subscription

from 65,000€/year

Number of endpoints covered: 3,000
Number of domains covered: up to 3
Number of iterations (vulnerability assessment & remediation support): up to 2 / month
Remediation support workshops: up to 2 / month
Highlighting of AD bad practices (e.g. Privilege, AD Group)
Endpoint analysis (services, processes, scheduled tasks, drivers, AV, local administrators)
Analysis of compliance with the ANSSI guide
Remediation plan
Difference between the different reviews
Detailed report
Managerial report

BOOK A DEMO

Expert subscription

from 100,000€/year

Number of endpoints covered: 10,000
Number of domains covered: up to 10
Number of iterations (vulnerability assessment & remediation support): up to 3 / month
Remediation support workshops: up to 3 / month
Highlighting of AD bad practices (e.g. Privilege, AD Group)
Endpoint analysis (services, processes, scheduled tasks, drivers, AV, local administrators)
Analysis of compliance with the ANSSI guide
Remediation plan
Difference between the different reviews
Detailed report
Managerial report

BOOK A DEMO

Book a demo

The information collected during your visit to this site is protected by Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (the "RGPD"), as well as by Law No. 78-17 of January 6, 1978 relating to information technology, files and freedoms, in its latest version in force. This information is also confidential, and is in no way intended to be distributed to third parties, particularly for commercial prospecting purposes. For more information, we invite you to consult our Privacy Policy. For more information, please visit www.pwc.com/structure

F.A.Q

How does the continuous monitoring of the Microsoft environment work?

Our teams use the ISARS tool to collect data on all the components of your environment (Active directory, Workstations, Servers). This information is then analyzed taking into account a set of security controls and best practices, including those promulgated by the ANSSI. Once the analysis is done, our teams sort, analyze and prioritize the results in order to provide you with clear and actionable recommendations, and assist your operational teams in the implementation of remediation actions.

Do you have any examples of security checks performed?

For example, our tool performs the following checks:

Ensure that the last accounts created on the domain have been validated and archived
Review the password policy and ensure that it complies with best practices
Ensure that accounts not used for at least 90 days are disabled or deleted
Review whether network shares are readable and writable by everyone and whether they contain potentially risky data
Ensure that passwords are not trivial
Ensure that all computers have an up-to-date and active antivirus program

What types of data are collected to monitor your Active Directory?

Our tool collects the following data in particular:

Antivirus/EDR deployment status
User account information
Security patches deployment level
Network interface information
The level of strength of passwords
Access to network shares

Identity and Access Management Monitoring

Book a demo

F.A.Q

Related publications

These products might interest you

Threat Watch

Compromise Discovery